APPLICATION INSTRUCTIONS: - CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process. Please do not apply here, apply internally through Workday. - CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process. Please do not apply here, apply internally through Workday. - If you are NOT a current employee or student, please click “Apply” and complete the application process for external applicants. Approval of remote and hybrid work is not guaranteed regardless of work location. For additional information on remote work at Penn State, see Notice to Out of State Applicants. ​ POSITION SPECIFICS​ The Pennsylvania State University Privacy Office, part of Information Technology, Information Security, is seeking a Privacy and Security Compliance Specialist to join our dynamic and innovative team. If you are passionate about the evolving landscape of data privacy, risk management, and regulatory compliance, we invite you to consider this opportunity. This position plays a key role in supporting Penn State’s mission to maintain a unified and robust privacy and information security program. This position will report directly to the University’s Chief Information Security Officer (CISO) and Chief Privacy Officer (CPO). The successful candidate will collaborate with a broad range of stakeholders across academic, administrative, and research units to ensure adherence to Penn State's privacy and data‑protection policies, standards, and regulatory obligations, including the Gramm–Leach–Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), and international data‑protection and privacy laws. KEY RESPONSIBILITIES - Lead, advise, and support the development, implementation, and ongoing monitoring of enterprise‑wide compliance programs. - Interpret and communicate applicable laws, regulations, policies, and standards to diverse audiences. - Develop, deliver, and promote training and awareness initiatives related to Penn State’s privacy and regulatory compliance obligations. - Partner with internal and external entities to ensure appropriate safeguards for data governed by state, federal, and international requirements. - Identify, assess, and mitigate privacy and compliance risks, and report instances of non‑compliance to appropriate stakeholders. - Collaborate with units across the institution to support the achievement and maintenance of privacy, data protection, and compliance objectives. REQUIRED QUALIFICATIONS - Knowledge of domestic and international privacy and data‑protection laws and regulations, including GDPR, GLBA, HIPAA, and FERPA. - Excellent verbal and written communication skills; strong analytical, judgment, and organizational abilities. - Demonstrated commitment to outstanding customer service. - Degree in business administration, healthcare, or a related field, plus one year of relevant experience, or an equivalent combination of education and experience. PREFERRED QUALIFICATIONS - Experience advising on enterprise‑level privacy and compliance programs including HIPAA. - Experience performing privacy impact and compliance assessments. - Experience working in a higher‑education environment. MINIMUM EDUCATION, WORK EXPERIENCE & REQUIRED CERTIFICATIONS Bachelor's Degree 1+ years of relevant experience; or an equivalent combination of education and experience accepted Required Certifications: None LOCATION The location of this position is flexible and can operate fully remote within the United States (restrictions may apply), fully in-person at our University Park Campus, or in a hybrid model of both in-person and remote (restrictions may apply). Standard working hours are in the eastern time zone. Penn State IT is supportive of flexible work arrangements when aligned with the ability to meet the needs of the unit and the essential duties of the position. Questions related to flexible work hours should be directed to the hiring manager during the interview process. BACKGROUND CHECKS/CLEARANCES Employment with the University will require successful completion of background check(s) in accordance with University policies. Penn State does not sponsor or take over sponsorship of a staff employment Visa. Applicants must be authorized to work in the U.S. SALARY & BENEFITS The salary range for this position, including all possible grades, is $61,800.00 - $89,600.00. Salary Structure - Information on Penn State's salary structure Penn State provides a competitive benefits package for full-time employees designed to support both personal and professional well-being. In addition to comprehensive medical, dental, and vision coverage, employees enjoy robust retirement plans and substantial paid time off which includes holidays, vacation and sick time. One of the standout benefits is the generous 75% tuition discount, available to employees as well as eligible spouses and children. For more detailed information, please visit our Benefits Page. CAMPUS SECURITY CRIME STATISTICS Pursuant to the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act and the Pennsylvania Act of 1988, Penn State publishes a combined Annual Security and Annual Fire Safety Report (ASR). The ASR includes crime statistics and institutional policies concerning campus security, such as those concerning alcohol and drug use, crime prevention, the reporting of crimes, sexual assault, and other matters. The ASR is available for review here. EEO IS THE LAW Penn State is an equal opportunity employer and is committed to providing employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If you are unable to use our online application process due to an impairment or disability, please contact 814-865-1473. Penn State is committed to and accountable for advancing equity, respect, and belonging. We embrace individual uniqueness, as well as a culture of belonging that supports equity initiatives, leverages the educational and institutional benefits of inclusion in society, and provides opportunities for engagement intended to help all members of the community thrive. We value belonging as a core strength and an essential element of the university’s teaching, research, and service mission. Federal Contractors Labor Law Poster PA State Labor Law Poster Penn State Policies Copyright Information Hotlines

BioCatch is the leader in Behavioral Biometrics, a technology that leverages machine learning to analyze an online user’s physical and cognitive digital behavior to protect individuals online. BioCatch’s mission is to unlock the power of behavior and deliver actionable insights to create a digital world where identity, trust, and ease coexist.Today, 32 of the world's largest 100 banks and 210 total financial institutions rely on BioCatch Connect™ to combat fraud, facilitate digital transformation, and grow customer relationships.. BioCatch’s Client Innovation Board, an industry-led initiative including American Express, Barclays, Citi Ventures, and National Australia Bank, helps BioCatch to identify creative and cutting-edge ways to leverage the unique attributes of behavior for fraud prevention. With over a decade of analyzing data, more than 80 registered patents, and unparalleled experience, BioCatch continues to innovate to solve tomorrow’s problems. For more information, please visit www.biocatch.com. We are looking for an exceptional customer-facing Threat Analyst to help our prospects and customers optimize their value within BioCatch solutions. The BioCatch Threat Analyst is a consultancy role that involves a combination of skills. You will be comfortable completing advanced analytics, advising customers on fraud detection/prevention and strategy with your domain knowledge expertise and communicating with customers from C-level to operational fraud investigators. This role is unique in the industry and to be successful, you must be a motivated self-starter who can ramp-up quickly and work autonomously. With a support network of Threat Analysts distributed globally, you will become a key individual in the global fight against digital fraud. It can be difficult to distill this role down to a regular day-to-day, because every day is different, however some key responsibilities include: - Maintain strong relationships with fellow fraud fighters within the BioCatch customer base to support and enable them to get maximum value out of the BioCatch solutions. - Provide subject matter expertise (SME) support to our customers to drive the use of BioCatch in achieving their strategic plans. - Work with customers and BioCatch Data Science to continually strive for high fraud detection rates, whilst maintaining low levels of friction for genuine customers. - Use a data-driven approach to prove the value of BioCatch against success criteria for proof of value and pilot projects. - Educate potential and new customers on BioCatch and Behavioural Biometrics specifically for targeting their key problems and use cases. - Work tactically with customers to deploy rules for acute fraud attacks. - Continually focus on leading customers towards best practices. - Be a voice of the customer to internal BioCatch functions to drive our own product strategy and delivery. - Support BioCatch Data Science in researching new and emerging threats across our main use cases including Account Takeover, Account Opening, Remote Access Scams, Social Engineering Scams and Mule detection. - Deliver reporting and insights on fraud detection performance. - Share interesting stories and learnings from the field with our Sales Enablement function and strive to be a thought leader in the fraud space. - Provide SME support to the BioCatch Sales functions to enable them in new customer acquisitions. Requirements Desired Skills and Experience: - 3+ Years of experience as a Threat Analyst/Data Analyst - A bachelors / graduate degree in Computer Science/Mathematics/Statistics/related field - Experience with financial institutions’ fraud departments and/or fraud monitoring tools - Experience working within cross-functional teams - Experience with SQL to an intermediate/advanced level - Experience with Python and/or R (advantage) - Understanding of statistical modeling techniques - Strong presentation skills with a proven record of presenting to a range of audience types - Great business and customer relationships - Good communications and teamwork - Self and quick learner - Professional attitude Notes: - Requires availability for travel in North America to meet customers and lead onsite workshops - Full-time, flexible working hours - Remote working arrangement, based in USA Salary range: 115k - 135k USD (Annual) We take care of our team inside and outside of work, with benefits designed to support your health, growth, and well-being. - Flexible paid time off policy - Sick, Maternity/ Paternity, and other paid leaves - 401(k) plan with up to 4% company match - Healthcare programs tailored to your needs - Life insurance - Wellness programs, EAP, and personalized health advocacy - Fully remote and shared space work options across the US - Monthly reimbursements for home internet and cell phone The benefits listed reflect our offerings at the time of posting and may be adjusted, enhanced, or, where necessary, discontinued at the company's discretion.

Role Description We have an opening for a full-time Security Control Assessor to join our talented, dynamic team in support of the Department of Veterans Affairs. As a Security Control Assessor, you will be trusted to support the delivery of our cybersecurity solutions and services. In this role, you will be a part of a security control assessment team working on the tasks outlined below. Veterans are encouraged to apply. Responsibilities: - Lead a small team in coordinating and conducting security control assessment activities, stakeholder interviews, and report generation. - Conduct independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37). - Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks. - Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network. - Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations. - Develop security compliance processes and/or audits for external services (e.g., cloud service providers, data centers). - Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy. - Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change. - Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials). Qualifications - Bachelor's degree in computer science, electronics engineering or other engineering or technical discipline is required, and will accept relevant experience in lieu of degree. - 2+ years hands-on experience with Cybersecurity policy, risk management, or security and privacy control assessments. - Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). - Knowledge of system and application security threats and vulnerabilities. - Knowledge of Personally Identifiable Information (PII), Payment Card Industry (PCI), and Personal Health Information (PHI) data security standards. Requirements - Experience with security control assessments within the VA using the NIST Risk Management Framework (RMF) is a plus. - Certifications such as SCA and CISA are a plus. - Exceptional written and verbal communication skills. - Strong planning, organizational, and time management skills. - Exceptional analytical and conceptual thinking skills. - Ability to work collaboratively with a team of peers. Benefits - Traditional and HSA-eligible medical insurance plans. - 100% employer-paid dental and vision insurance options. - 100% employer-sponsored STD, LTD, and life insurance. - 5% 401(k) company matching. - Flexible schedules and teleworking options. - Paid holidays and PTO Accrual Plans. - Paid Parental Leave. - Professional development and career growth opportunities. - Team and company-wide events, recognition, and appreciation.

Job Title: RIT Co-op Department: Information Security - Governance, Risk, & Compliance Location: Remote SUMMARY: As a participant in the RIT paid Co-Op you will gain exposure and experience in the healthcare field, covering a multitude of areas within Information Security - Governance, Risk, & Compliance. RESPONSIBILITIES: - Provides work experience directly related to student’s course of study and career interests. - Student is given specific responsibilities related to the field of study and department in which he/she is a co-op. - Allows student to learn through active engagement and meaningful activities. - Performs other duties as assigned. REQUIRED QUALIFICATIONS: - Student of RIT. - Background in the field of study which coincides with the department utilizing the co-op. PREFERRED QUALIFICATIONS: - Dependent upon the department utilizing the co-op, specific skills or qualifications may be preferred EDUCATION: LICENSES / CERTIFICATIONS: PHYSICAL REQUIREMENTS: S - Sedentary Work - Exerting up to 10 pounds of force occasionally Sedentary work involves sitting most of the time, but may involve walking or standing for brief periods of time. Jobs are sedentary if walking and standing are required only occasionally and all other sedentary criteria are met. For disease specific care programs refer to the program specific requirements of the department for further specifications on experience and educational expectations, including continuing education requirements. Any physical requirements reported by a prospective employee and/or employee’s physician or delegate will be considered for accommodations. PAY RANGE: $20.00 - $20.00 CITY: Rochester POSTAL CODE: 14617 The listed base pay range is a good faith representation of current potential base pay for a successful full time applicant. It may be modified in the future and eligible for additional pay components. Pay is determined by factors including experience, relevant qualifications, specialty, internal equity, location, and contracts. Rochester Regional Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender identity or expression, national origin, age, disability, predisposing genetic characteristics, marital or familial status, military or veteran status, citizenship or immigration status, or any other characteristic protected by federal, state, or local law.